+} elseif (REQUEST_ISSET_GET(('reset_pass'))) {
+ // Is the form submitted?
+ if ((REQUEST_ISSET_POST(('send_link'))) && (REQUEST_ISSET_POST(('email')))) {
+ // Try to send the link out
+ $OUT = ADMIN_SEND_PASSWORD_RESET_LINK(REQUEST_POST('email'));
+
+ // Output result
+ LOAD_TEMPLATE("admin_settings_saved", false, $OUT);
+ } elseif (REQUEST_ISSET_GET(('hash'))) {
+ // Output form for hash validation
+ LOAD_TEMPLATE("admin_validate_reset_hash_form", false, REQUEST_GET('hash'));
+ } elseif ((REQUEST_ISSET_POST(('validate_hash'))) && (REQUEST_ISSET_POST(('login'))) && (REQUEST_ISSET_POST(('hash')))) {
+ // Validate the login data and hash
+ $valid = ADMIN_VALIDATE_RESET_LINK_HASH_LOGIN(REQUEST_POST('hash'), REQUEST_POST('login'));
+
+ // Valid?
+ if ($valid === true) {
+ // Prepare content first
+ $content = array(
+ 'hash' => SQL_ESCAPE(REQUEST_POST('hash')),
+ 'login' => SQL_ESCAPE(REQUEST_POST('login'))
+ );
+
+ // Validation okay so display form for final password change
+ LOAD_TEMPLATE("admin_reset_password_form", false, $content);
+ } else {
+ // Cannot validate the login data and hash
+ LOAD_TEMPLATE("admin_settings_saved", false, getMessage('ADMIN_VALIDATION_RESET_LOGIN_HASH_FAILED'));
+ }
+ } elseif ((REQUEST_ISSET_POST(('reset_pass'))) && (REQUEST_ISSET_POST(('hash'))) && (REQUEST_ISSET_POST(('login'))) && (REQUEST_ISSET_POST(('pass1'))) && (REQUEST_POST('pass1') == REQUEST_POST('pass2'))) {
+ // Okay, we shall the admin password here. So first revalidate the hash
+ if (ADMIN_VALIDATE_RESET_LINK_HASH_LOGIN(REQUEST_POST('hash'), REQUEST_POST('login'))) {
+ // Set the password now
+ $OUT = ADMIN_RESET_PASSWORD(REQUEST_POST('login'), REQUEST_POST('pass1'));
+
+ // Output result
+ LOAD_TEMPLATE("admin_reset_pass_done", false, $OUT);
+ } else {
+ // Validation failed
+ LOAD_TEMPLATE("admin_settings_saved", false, getMessage('ADMIN_VALIDATION_RESET_LOGIN_HASH_FAILED2'));
+ }
+ } else {
+ // Output reset password form
+ LOAD_TEMPLATE("admin_send_reset_link");
+ }
+} elseif ((!isSessionVariableSet('admin_login')) || (!isSessionVariableSet('admin_md5')) || (!isSessionVariableSet('admin_last')) || (!isSessionVariableSet('admin_to')) || ((get_session('admin_last') + bigintval(get_session('admin_to')) * 3600 * 24) < time())) {